CWE-601

GPTKB entity

Statements (21)
Predicate Object
gptkbp:instance_of gptkb:Common_Weakness_Enumeration
gptkbp:bfsLayer 5
gptkbp:bfsParent gptkb:CWE-20
gptkbp:category Improper Input Validation
gptkbp:consequences User redirection to a malicious site.
gptkbp:difficulty gptkb:tank
gptkbp:enemy gptkb:software_framework
gptkbp:example Redirecting to a URL based on user input without validation.
gptkbp:has_weakness gptkb:CWE-601
https://www.w3.org/2000/01/rdf-schema#label CWE-601
gptkbp:impact Phishing attacks
Malware distribution
gptkbp:is_described_as A weakness that allows an attacker to redirect users to a malicious site.
gptkbp:is_protected_by Use a whitelist of allowed URLs
Validate redirect URLs
gptkbp:is_referenced_in gptkb:SANS_Top_25
gptkb:API
NIST SP 800-53
gptkbp:name URL Redirection to Untrusted Site ('Open Redirect')
gptkbp:related_to gptkb:CWE-601
gptkb:CWE-20